Paper 2019/804

Improved Low-Memory Subset Sum and LPN Algorithms via Multiple Collisions

Claire Delaplace, Andre Esser, and Alexander May

Abstract

For enabling post-quantum cryptanalytic experiments on a meaningful scale, there is a strong need for low-memory algorithms. We show that the combination of techniques from representations, multiple collision finding, and the Schroeppel-Shamir algorithm leeds to improved low-memory algorithms. For random subset sum instances $(a_1, \ldots, a_n,t)$ defined modulo $2^n$, our algorithms improve over the Dissection technique for small memory $M < 2^{0.02n}$ and in the mid-memory regime $2^{0.13n} < M < 2^{0.2n}$. An application of our technique to LPN of dimension $k$ and constant error $p$ yields significant time complexity improvements over the Dissection-BKW algorithm from Crypto 2018 for all memory parameters $M< 2^{0.35 \frac{k}{\log k}}$.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
time-memory trade-offrepresentationsparallel collision search
Contact author(s)
andre esser @ rub de
History
2019-07-14: received
Short URL
https://ia.cr/2019/804
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2019/804,
      author = {Claire Delaplace and Andre Esser and Alexander May},
      title = {Improved Low-Memory Subset Sum and LPN Algorithms via Multiple Collisions},
      howpublished = {Cryptology ePrint Archive, Paper 2019/804},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/804}},
      url = {https://eprint.iacr.org/2019/804}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.